-/*
- * Copyright 2001-2007 Internet2
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
*/
/**
* SAML2ECPEncoder.cpp
*
- * SAML 2.0 ECP profile message encoder
+ * SAML 2.0 ECP profile message encoder.
*/
#include "internal.h"
#include <xmltooling/impl/AnyElement.h>
#include <xmltooling/io/HTTPResponse.h>
#include <xmltooling/util/NDC.h>
+#include <xmltooling/signature/Signature.h>
#include <xmltooling/soap/SOAP.h>
using namespace samlconstants;
{
public:
SAML2ECPEncoder(const DOMElement* e, const XMLCh* ns) : m_actor("http://schemas.xmlsoap.org/soap/actor/next"),
- m_providerName(e ? e->getAttributeNS(ns, ProviderName) : NULL), m_idpList(NULL) {
- DOMElement* child = e ? XMLHelper::getFirstChildElement(e, SAML20P_NS, IDPList::LOCAL_NAME) : NULL;
+ m_providerName(e ? e->getAttributeNS(ns, ProviderName) : nullptr) {
+ DOMElement* child = e ? XMLHelper::getFirstChildElement(e, SAML20P_NS, IDPList::LOCAL_NAME) : nullptr;
if (child)
- m_idpList = dynamic_cast<IDPList*>(XMLObjectBuilder::buildOneFromElement(child));
+ m_idpList.reset(dynamic_cast<IDPList*>(XMLObjectBuilder::buildOneFromElement(child)));
}
virtual ~SAML2ECPEncoder() {
- delete m_idpList;
+ }
+
+ const XMLCh* getProtocolFamily() const {
+ return samlconstants::SAML20P_NS;
}
long encode(
GenericResponse& genericResponse,
XMLObject* xmlObject,
const char* destination,
- const EntityDescriptor* recipient=NULL,
- const char* relayState=NULL,
- const ArtifactGenerator* artifactGenerator=NULL,
- const Credential* credential=NULL,
- const XMLCh* signatureAlg=NULL,
- const XMLCh* digestAlg=NULL
+ const EntityDescriptor* recipient=nullptr,
+ const char* relayState=nullptr,
+ const ArtifactGenerator* artifactGenerator=nullptr,
+ const Credential* credential=nullptr,
+ const XMLCh* signatureAlg=nullptr,
+ const XMLCh* digestAlg=nullptr
) const;
private:
auto_ptr_XMLCh m_actor;
const XMLCh* m_providerName;
- IDPList* m_idpList;
+ auto_ptr<IDPList> m_idpList;
AnyElementBuilder m_anyBuilder;
};
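Review bot: In the constructor, `m_idpList.reset(dynamic_cast<IDPList*>(XMLObjectBuilder::buildOneFromElement(child)))` loses the only pointer to the built object when the cast yields null, so a configured element that does not build as an IDPList is leaked and silently ignored. Taking ownership before the cast avoids that: `auto_ptr<XMLObject> obj(XMLObjectBuilder::buildOneFromElement(child));` followed by `if (IDPList* l = dynamic_cast<IDPList*>(obj.get())) { obj.release(); m_idpList.reset(l); }`. Now that the destructor body is empty, a short comment on `m_idpList` stating that the encoder owns the configured default IDPList and only hands out clones would document the ownership. The class header sits outside this hunk.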
#ifdef _DEBUG
xmltooling::NDC ndc("encode");
#endif
- Category& log = Category::getInstance(SAML_LOGCAT".MessageEncoder.SAML2ECP");
+ Category& log = Category::getInstance(SAML_LOGCAT ".MessageEncoder.SAML2ECP");
log.debug("validating input");
if (xmlObject->getParent())
throw BindingException("Cannot encode XML content with parent.");
- Response* response = NULL;
+ Response* response = nullptr;
AuthnRequest* request = dynamic_cast<AuthnRequest*>(xmlObject);
if (!request) {
response = dynamic_cast<Response*>(xmlObject);
genericResponse.setContentType(request ? "application/vnd.paos+xml" : "text/xml");
HTTPResponse* httpResponse = dynamic_cast<HTTPResponse*>(&genericResponse);
if (httpResponse) {
+ httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
httpResponse->setResponseHeader("Pragma", "no-cache");
}
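Review bot: The value passed in the added `setResponseHeader("Expires", ...)` call is not in HTTP-date form, which needs the day name and space-separated fields. Caches are expected to treat an unparseable Expires as already expired, so the message should still not be stored, but that relies on each intermediary's parser, and this header matters most for older caches that ignore Cache-Control. I would write `httpResponse->setResponseHeader("Expires", "Wed, 01 Jan 1997 12:00:00 GMT");` and add a one-line comment that the three headers together keep SAML protocol messages out of shared and browser caches. The body of encode() starts and ends outside this hunk.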
body->getUnknownXMLObjects().push_back(xmlObject);
ElementProxy* hdrblock;
- QName qMU(SOAP11ENV_NS, Header::MUSTUNDERSTAND_ATTRIB_NAME, SOAP11ENV_PREFIX);
- QName qActor(SOAP11ENV_NS, Header::ACTOR_ATTRIB_NAME, SOAP11ENV_PREFIX);
+ xmltooling::QName qMU(SOAP11ENV_NS, Header::MUSTUNDERSTAND_ATTRIB_NAME, SOAP11ENV_PREFIX);
+ xmltooling::QName qActor(SOAP11ENV_NS, Header::ACTOR_ATTRIB_NAME, SOAP11ENV_PREFIX);
if (request) {
// Create paos:Request header.
hdrblock = dynamic_cast<ElementProxy*>(m_anyBuilder.buildObject(PAOS_NS, saml1p::Request::LOCAL_NAME, PAOS_PREFIX));
hdrblock->setAttribute(qMU, XML_ONE);
hdrblock->setAttribute(qActor, m_actor.get());
- hdrblock->setAttribute(QName(NULL, service), SAML20ECP_NS);
- hdrblock->setAttribute(QName(NULL, responseConsumerURL), request->getAssertionConsumerServiceURL());
+ hdrblock->setAttribute(xmltooling::QName(nullptr, service), SAML20ECP_NS);
+ hdrblock->setAttribute(xmltooling::QName(nullptr, responseConsumerURL), request->getAssertionConsumerServiceURL());
header->getUnknownXMLObjects().push_back(hdrblock);
// Create ecp:Request header.
hdrblock->setAttribute(qMU, XML_ONE);
hdrblock->setAttribute(qActor, m_actor.get());
if (!request->IsPassive())
- hdrblock->setAttribute(QName(NULL,IsPassive), XML_ZERO);
+ hdrblock->setAttribute(xmltooling::QName(nullptr,IsPassive), XML_ZERO);
if (m_providerName)
- hdrblock->setAttribute(QName(NULL,ProviderName), m_providerName);
+ hdrblock->setAttribute(xmltooling::QName(nullptr,ProviderName), m_providerName);
hdrblock->getUnknownXMLObjects().push_back(request->getIssuer()->clone());
if (request->getScoping() && request->getScoping()->getIDPList())
hdrblock->getUnknownXMLObjects().push_back(request->getScoping()->getIDPList()->clone());
- else if (m_idpList)
+ else if (m_idpList.get())
hdrblock->getUnknownXMLObjects().push_back(m_idpList->clone());
header->getUnknownXMLObjects().push_back(hdrblock);
}
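Review bot: `request->getIssuer()->clone()` dereferences the Issuer without a check, and nothing in this hunk guarantees the AuthnRequest carries one; Issuer is optional in the SAML 2.0 protocol schema even though the ecp:Request header needs it. Unless a check exists outside the hunk, a request built without an Issuer crashes the encoder instead of failing cleanly. A guard in the style of the parent check at the top of encode() would fit: `if (!request->getIssuer()) throw BindingException("ECP request requires an Issuer.");`. The enclosing `if (request)` block begins before this hunk.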
hdrblock = dynamic_cast<ElementProxy*>(m_anyBuilder.buildObject(SAML20ECP_NS, Response::LOCAL_NAME, SAML20ECP_PREFIX));
hdrblock->setAttribute(qMU, XML_ONE);
hdrblock->setAttribute(qActor, m_actor.get());
- hdrblock->setAttribute(QName(NULL,AuthnRequest::ASSERTIONCONSUMERSERVICEURL_ATTRIB_NAME), response->getDestination());
+ hdrblock->setAttribute(xmltooling::QName(nullptr,AuthnRequest::ASSERTIONCONSUMERSERVICEURL_ATTRIB_NAME), response->getDestination());
header->getUnknownXMLObjects().push_back(hdrblock);
}
- if (relayState) {
+ if (relayState && *relayState) {
// Create ecp:RelayState header.
static const XMLCh RelayState[] = UNICODE_LITERAL_10(R,e,l,a,y,S,t,a,t,e);
hdrblock = dynamic_cast<ElementProxy*>(m_anyBuilder.buildObject(SAML20ECP_NS, RelayState, SAML20ECP_PREFIX));
}
try {
- DOMElement* rootElement = NULL;
+ DOMElement* rootElement = nullptr;
if (credential) {
if (request->getSignature()) {
log.debug("message already signed, skipping signature operation");
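Review bot: `request->getSignature()` is reached whenever `credential` is set, but earlier in encode() `request` is null when the message is a Response, so from the visible lines a caller that supplies a credential together with a Response would dereference a null pointer. Unless a check outside this hunk rules that combination out, handle it explicitly rather than by skipping the signature silently, for example `if (!request) throw BindingException("Signing is only supported for ECP requests.");` ahead of the `getSignature()` call, or by signing whichever message was supplied. The try block continues past the end of this hunk.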
// Sign message while marshalling.
vector<Signature*> sigs(1,sig);
- rootElement = env->marshall((DOMDocument*)NULL,&sigs,credential);
+ rootElement = env->marshall((DOMDocument*)nullptr,&sigs,credential);
}
}
else {
stringstream s;
s << *rootElement;
- if (log.isDebugEnabled())
- log.debug("marshalled envelope:\n%s", s.str().c_str());
+ if (log.isDebugEnabled()) {
+ string forlog(s.str());
+ log.debug("marshalled envelope:\n%s", forlog.c_str());
+ }
log.debug("sending serialized envelope");
long ret = genericResponse.sendResponse(s);
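Review bot: The `log.debug("marshalled envelope:\n%s", forlog.c_str())` call writes the complete SOAP envelope to the log, and on the Response path that envelope would carry the SAML response, presumably including assertions and subject attributes. The copy into `forlog` only changes how the temporary is held, so the exposure is the same as before and deserves a comment at the call site. Suggested wording: `// Envelope may contain assertions and subject attributes; enable DEBUG for this category only where log files are access-controlled.` The remainder of encode(), including cleanup of the envelope, is outside this hunk.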